package mwa.cs.rec.ctrl;

import java.io.IOException;
import java.util.HashMap;
import java.util.Map;

import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import mwa.cs.dao.UserLoginDAO;
import mwa.cs.database.Database;
import mwa.cs.util.Encryption;



/**
 * Servlet implementation class RecoverPasswordSrvl
 */
public class RecoverPasswordSrvl extends HttpServlet {
	private static final long serialVersionUID = 1L;

	/**
	 * @see HttpServlet#HttpServlet()
	 */
	public RecoverPasswordSrvl() {
		super();
		// TODO Auto-generated constructor stub
	}

	public void processRequest(HttpServletRequest request,
			HttpServletResponse response) throws ServletException, IOException {
		Database db = new Database();
		UserLoginDAO voUserLoginDAO = new UserLoginDAO(db);
		Encryption voEncryption = new Encryption();
		Map<String, Object> voMap = new HashMap<String, Object>();
		int vnUserId = 0;
		if (request.getParameter("UserId") != null) {
			vnUserId = Integer.parseInt(request.getParameter("UserId"));
		}
		String vaUserName = request.getParameter("username");
		String vaPassword = request.getParameter("password");
		String vaConfirmPassword = request.getParameter("confirm_password");
		String vaKey = request.getParameter("Key");
		String vaPage = "";
		voMap = voUserLoginDAO.findUserByUserId(vnUserId);
		if (voMap != null) {
			if (voMap.get("PASSWORD_KEY").equals(vaKey)) {
				request.setAttribute("vaUserId", voMap.get("USER_ID").toString());
				request.setAttribute("vaKey", voMap.get("PASSWORD_KEY")
						.toString());

				if (request.getParameter("user_id") == null) {
					vaPage = "RC0001001.jsp";
				} else {
					request.setAttribute("UserName", vaUserName);
					// Check form
					if (!voMap.get("USER_NAME").equals(vaUserName)) {
						request.setAttribute("vaUserMessageError",
								"ชื่อผู้ใช้ไม่ถูกต้อง");
						vaPage = "RC0001001.jsp";
					}
					if (vaPassword.equals("")) {
						request.setAttribute("vaPasswordMessageError1",
								"รหัสผ่านห้ามเว้นว่าง");
						vaPage = "RC0001001.jsp";
					} else {
						request.setAttribute("Password1", vaPassword);
						if (vaPassword.length() < 8 || vaPassword.length() > 20) {
							request.setAttribute("vaPasswordMessageError1",
									"รหัสผ่านต้องมีจำนวนตัวอักษร 8 - 20 ตัวอักษร");
						}
						if (!vaPassword.equals(vaConfirmPassword)) {
							request.setAttribute("vaPasswordMessageError2",
									"รหัสผ่านไม่ตรงกัน");
						} else {
							request.setAttribute("Password2", vaPassword);
						}
						vaPage = "RC0001001.jsp";
					}
					// -------------------------------------------
					if (voMap.get("USER_NAME").equals(vaUserName)) {
						if (!vaPassword.equals("")) {
							if (vaPassword.length() >= 5
									&& vaPassword.length() <= 16) {
								if (vaPassword.equals(vaConfirmPassword)) {
									
									vaPassword = voEncryption.md5Encrypt(voEncryption.dataEncrypt(vaPassword));
									voUserLoginDAO.updatePassword(vnUserId,
											vaPassword);
									voUserLoginDAO.updateLoginKey(vnUserId);
									voUserLoginDAO.updatePasswordKey(vnUserId);
									vaPage = "../index.jsp";
									request.setAttribute("vaStatus", "Recover");
									request.setAttribute("UserName", null);

								}
							}
						}
					}
					//-------------------------------------------
				}
			} else {
				request.setAttribute("vaForgetPasswordMessageError",
						"กรุณาทำการระบุชื่อผู้ใช้ใหม่");
				vaPage = "../index.jsp";
				request.setAttribute("vaStatus", "Expired");
				request.setAttribute("vaTypeForm", "forgetPassword");

			}
		} else {
			request.setAttribute("vaForgetPasswordMessageError",
					"กรุณาทำการระบุชื่อผู้ใช้ใหม่");
			vaPage = "../index.jsp";
			request.setAttribute("vaStatus", "Expired");
			request.setAttribute("vaTypeForm", "forgetPassword");

		}
		RequestDispatcher voRequestDispatcher = request.getRequestDispatcher(vaPage);
		voRequestDispatcher.forward(request, response);
	}

	/**
	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
	 *      response)
	 */
	protected void doGet(HttpServletRequest request,
			HttpServletResponse response) throws ServletException, IOException {
		processRequest(request, response);
	}

	/**
	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
	 *      response)
	 */
	protected void doPost(HttpServletRequest request,
			HttpServletResponse response) throws ServletException, IOException {
		processRequest(request, response);
	}

}
